- (Unpatched) Adobe Flash Player Zero-Day Exploit Spotted in the Wild
Adobe Flash Player is freeware software for using content created on the Adobe Flash platform, including viewing multimedia, executing rich Internet applications, and streaming video and audio. According to the latest report, South Korea’s Computer Emergency Response Team (KR-CERT) issued an alert Wednesday for a new Flash Player zero-day vulnerability that’s being actively exploited in the wild by North Korean hackers to target Windows users in South Korea. The attacks using the new Flash zero-day are aimed at South Korean individuals who focus on researching North Korea. The critical vulnerability affects Adobe Flash Player version 126.96.36.199. To exploit the vulnerability, all an attacker need to do is trick victims into opening Microsoft Office documents, web pages, or spam messages that contain a maliciously crafted Adobe Flash file. The company has planned to address this vulnerability in a “release planned for the week of February 5.
Cyber Security Tips: Users are strongly recommended that disable or completely remove the buggy software.